General Information

Course description

This course covers advanced techniques for attacks and defense in Cybersecurity. In particular, the course will teach binary reverse engineering, vulnerability analysis, exploit development, patching vulnerabilities, bug hunting, etc. through ten-weeks of hands-on labs with examples.

This course borrows the format of Capture-The-Flag (CTF) challenges for not only learning techniques required to solve the challenge but also enjoying the fun of taking over the systems and blocking attacks.

Prerequisite

  • Computer Architecture and Assembly Language (CS 271 at OSU)
  • Linux System Administration (CS 312 at OSU)
  • Operating Systems (CS 344/CS 444 at OSU)

Class meetings

Office hours and recitation

We will have office hours from 13:00 to 15:00 (walk-in) at KEC 3079 on Wed, every week (this could be changed at the instructor’s discretion).

Who should take CS 419/519?

CS 419/519 is primarily intended for both undergraduate and graduate students who are interested in obtaining skill sets required to thwart cyber attacks in the wild.

Over the course of lab exercises, students will become confident in competing in Capture-the-Flag (CTF) contests, conducting real-world bug hunting and getting bug bounty awards, and contributing to open-source projects by sending their patches via pull-requests.

Grading policy

  • 80% Lab, 20% from participating in NSA Codebreaker Challenge.
  • If you miss any entire single lab, you will get an F (so please submit at least one flag per each lab).
  • No midterm or final exams.
  • See Rules.

Online Discussion

Online discussion is strongly encouraged and it will help you a lot in solving lab problems.

Misconduct Policy

CS 419/519 provides a 7 day grace period (50% points after due date) and we strictly follow the plagiarism policy (read OSU’s Student Conduct CODE).

Important

Cheating vs. collaboration

Collaboration is a very good thing. On the other hand, cheating is considered a very serious offense and is vigorously prosecuted. Vigorous prosecution requires that you be advised of the cheating policy of the course before the offending act.

For this semester, the policy is simple: don’t cheat:
  • Never share code or text on the project.
  • Never use someone else’s code or text in your solutions.
  • Never consult potential solutions on the Internet.
On the other hand, for this class, you are strongly encouraged to:
  • Share ideas.
  • Explain your code to someone to see if they know why it doesn’t work.
  • Help someone else debug if they’ve run into a wall.

If you obtain help of any kind, always write the name(s) of your sources.

(ref. http://courses.cs.washington.edu/courses/cse451/15au/)

Staff/TA